我正在使用IBM Bluemix平台,我正在尝试在超级基础Node JS应用程序之上添加SSO登录页面作为安全性。我一直在这里关注本指南:https://www.ng.bluemix.net/docs/services/SingleSignOn/index-gentopic2.html#task_configuringapp
然而,我得到的只是一个错误:“无法获取/”
这是我的app.js代码:
var express = require('express');
var passport = require('passport');
var cookieParser = require('cookie-parser');
var session = require('express-session');
var cfenv = require('cfenv');
//create a new express server
var app = express();
// SSO
app.use(cookieParser());
app.use(session({resave: 'true', saveUninitialized: 'true' , secret: 'keyboard cat'}));
app.use(passport.initialize());
app.use(passport.session());
passport.serializeUser(function(user, done) {
done(null, user);
});
passport.deserializeUser(function(obj, done) {
done(null, obj);
});
// VCAP_SERVICES contains all the credentials of services bound to
// this application. For details of its content, please refer to
// the document or sample of each service.
var services = JSON.parse(process.env.VCAP_SERVICES || "{}");
var ssoConfig = services.SingleSignOn[0];
var client_id = ssoConfig.credentials.clientId;
var client_secret = ssoConfig.credentials.secret;
var authorization_url = ssoConfig.credentials.authorizationEndpointUrl;
var token_url = ssoConfig.credentials.tokenEndpointUrl;
var issuer_id = ssoConfig.credentials.issuerIdentifier;
var callback_url = 'https://sso-test-6.mybluemix.net/auth/sso/callback';
var OpenIDConnectStrategy = require('passport-idaas-openidconnect').IDaaSOIDCStrategy;
var Strategy = new OpenIDConnectStrategy({
authorizationURL : authorization_url,
tokenURL : token_url,
clientID : client_id,
scope: 'openid',
response_type: 'code',
clientSecret : client_secret,
callbackURL : callback_url,
skipUserProfile: true,
issuer: issuer_id},
function(iss, sub, profile, accessToken, refreshToken, params, done) {
process.nextTick(function() {
profile.accessToken = accessToken;
profile.refreshToken = refreshToken;
done(null, profile);
})
});
passport.use(Strategy);
app.get('/login', passport.authenticate('openidconnect', {}));
function ensureAuthenticated(req, res, next) {
if(!req.isAuthenticated()) {
req.session.originalUrl = req.originalUrl;
res.redirect('/login');
} else {
return next();
}
}
app.get('/auth/sso/callback',function(req,res,next) {
var redirect_url = req.session.originalUrl;
passport.authenticate('openidconnect', {
successRedirect: redirect_url,
failureRedirect: '/failure',
})(req,res,next);
});
app.get('/failure', function(req, res) {
res.send('login failed'); });
//get the app environment from Cloud Foundry
var appEnv = cfenv.getAppEnv();
// start server on the specified port and binding host
app.listen(appEnv.port, function() {
// print a message when the server starts listening
console.log("server starting on " + appEnv.url);
});
我觉得我在做一些非常愚蠢的事情?但我无法弄明白 - .-
答案 0 :(得分:0)
您需要定义路线' /'然后重定向用户登录。
例如:
app.get('/', function(req, res) {
res.send('Single Sign On <a href="/login">Login</a>\n');
});
您可以在以下链接中看到一个很好的示例:
http://www.ibm.com/developerworks/library/se-bluemix-single-sign-on-app/index.html#N1040F